what chaos (controlling havoc and overhauling security) theory means
TRANSCRIPT
CHAOSThe New Order for IT
Cloud and mobility have shifted the power balance from IT to users. As more data moves beyond the traditional enterprise perimeter, organizations need to embrace a new way of securing data.
}
}
78% of companies say there were more than twice as many personal devices connecting to corporate networks in 2013 alone.
73% of IT staff say employees’ personal use of the cloud has influenced enterprise adoption of cloud computing.
Now BYOD has gone mainstream, and users are accessing data in the cloud with their own devices.
Employees used to work on PCs that were behind a corporate firewall and accessed applications that were only corporate IT provisioned.
38% of U.S. office workers admitted to storing work documents in personal clouds, often bypassing corporate IT policies.
IT has an opportunity to maintain business relevancy by shifting from infrastructure to contextual-based controls.
CHAOS is the methodology by which today’s CIOs and CISOs can achieve effective risk governance and enable business innovation.
Mission critical applications now run 24/7 and are accessed by employees from a variety of locations and devices.
46% of mission critical applications now run on virtual servers, outside of traditional network defenses.
CONTROLLING HAVOC
ACCEPTING
Accepting the fact that cloud has rendered the old security paradigm obsolete can actually help organizations use cloud computing as a way to keep their business safe.
With the data centralized in the cloud, there is less of a risk of laptops or other rough “landmines” slipping through the cracks and exposing sensitive data.
MONITORING BENEFITS
Central storage is easier to monitor.
REDUCED DATA LEAKAGE
SOURCES:
1 http://www.securedgenetworks.com/secure-edge-networks-blog/bid/87987/10-Surprising-BYOD-Stats-You-Need-to-See
2 http://www.cisco.com/en/US/solutions/collateral/ns170/ns896/ns1095/nemertes_securing_dc.pdf
3 http://www.vertic.com/blog/year_of_the_enterprise_tablet_infographic/
4 https://www.lumension.com/Lumension/media/graphics/Resources/2014-state-of-the-endpoint/2014-State-of-the-Endpoint-Whitepaper-Lumension.pdf
5 http://www.ecommercetimes.com/story/78745.html#sthash.rD14WZhP.pdf
6 http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns171/ns466/net_implementation_white_paper0900aecd80557152.html
7 http://www.crn.com/slide-shows/security/240124895/6-corporate-byod-stats-to-worry-it-professionals.htm?pgno=4
8 http://www.emc.com/collateral/industry-overview/big-data-fuels-intelligence-driven-security-io.pdf
9 http://cloudsecurity.org/blog/2008/07/21/assessing-the-security-benefits-of-cloud-computing.html
InfoSec professionals can embrace CHAOS and protect their organizations from the realities of an always-on world.
CHAOS can promote business adoption of cloud and mobility by transforming how IT approaches “control”.
71% of IT administrators say the security threats created by vulnerabilities to the endpoint have become more difficult to stop or mitigate.
10% of organizations are “fully aware” of the devices accessing
their network.
43%
of IT administrators said that they plan to use the security
technologies already in place to protect mobile corporate devices to secure employee-owned devices.
Traditional security products designed to protect closed
environments with well-defined security boundaries are not effective
in the new business environment.
IT teams are too focused on controlling endpoints rather than securing the data.
Only 20% of organizations take advantage of big data analytics to help secure their networks.
Big data analytics is expected to emerge as the cornerstone of an intelligence-driven security program for preventing, and even predicting, high-stakes security threats.
OVERHAULING SECURITY
BYOD and cloud are here, but BYOD security is still nascent.